Traditionally, a set top box (STB) is a device that connects to an audio and/or video display, such as a television or monitor, and a signal source. The STB receives signals from the signal source and converts the signals into information (content) that can be displayed on the television or monitor or used to generate sound.
STBs are employed in homes, hotels, and private offices, among other places. Connection to the signal source may be made using Satellite, Cable, or Internet links (such as IPTV), for example. Additionally, the content may be delivered by digital television broadcast, such as DVB-T in Europe and ATSC in the United States. Some types of STBs convert these “free to air” transmissions into PAL signals (in the case of Europe) and NTSC signals (in the case of the United States) so that a television can render these new higher quality transmissions.
In the case of paid services such as Satellite TV, Cable TV, and paid IPTV (such as Netflix, ZillionTV, etc.), a proprietary content protection system is employed to prevent content theft and enforce the appropriate digital usage rights provided for by the content owners and service providers. Some of these services use Digital Rights Management (DRM) technology.
Copy protection has been around since the 1970s. The DVD content scramble system (CSS) was the first commercially successful “DRM”. Its purpose was to prevent casual DVD copying using a combination of low intensity encryption, a Key Management system and Bus Encryption.
Later generations evolved to include viewing control, which limited the number of views and restricted transfers to secondary devices. Enforcing the license required aspects such as multi-play monitoring, copying control, print control and alteration control.
Digital rights management (DRM) is an access control technology that is used to limit the use of software, music, videos or other digital data. It can be used by copyright holders, publishers, content providers, playback manufacturers and individuals to limit the use of digital content and devices.
The technology generally relies on interaction between the media and the system that plays it. For example, video DVDs usually include a region code. If the region code does not match the player's region code, the DVD player will not allow the disc to be played.
In the USA, the restrictive power of DRM depends on, and is extended by, two legal mechanisms: the Digital Millennium Copyright Act (“DMCA”) and End User License Agreements (“EULAs”).
DRM involves the user (the entity wishing to render the content), the content to be rendered (music, movie, book, etc.) and the user's rights, which are actions the user is permitted to perform with the content (for example, access once, access for a specified period, copy, transfer to another device, etc.).
Common DRM systems include: WM-DRM, Janus (Microsoft), MS PlayReady/Silverlight (Microsoft), Verimatrix, FairPlay (Apple), OMA (Open Mobile Alliance), BD+ (Blu-ray Discs), OpenMG (Sony Proprietary), Marlin (Intertrust) and others. Some DRM systems are hardware based.
An exemplary DRM system is shown in FIG. 1. The DRM system 100 includes a client 102 and a server 104.
The sequence of events by which the client obtains a license to selected content is as follows:
    (1) The client requests content rights, for example by selecting, authorizing or paying for content using a web browser 106 to communicate over a network to a web server 108.
    (2) The transaction is recorded by the web server 108 in an Acquired Rights database 110.
    (3) The web server 108 returns confirmation of the transaction by passing a token to the client's web browser 106.
    (4) The browser triggers the client side of the DRM system 112.
    (5) The client DRM system issues a Server Challenge (verify #1) to a web application server 114.
    (6) The server parses and validates the challenge and sends it to the application's Evaluation Logic 116.
    (7) The Evaluation Logic 116 validates the request against the transaction record in the Acquired Rights database 110.
    (8) The Evaluation Logic 116 submits a challenge to a DRM License Server 118.
    (9) The DRM License Server 118 generates and returns a Custom License.
    (10) The Evaluation Logic 116 passes the license back to the application server 114.
    (11) The Web Application Server 114 returns the license to the client's DRM system 112.
    (12) The client stores the license in a protected license database 120.
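The twelve-step exchange above, traced as an added Python sketch (not code from the original document or from any DRM vendor). The token format, the JSON challenge, the HMAC-signed license and all class and function names are assumptions made for illustration; components 108 through 118 are collapsed into one Server object, and the shared HMAC key stands in for whatever signature scheme a real license server would use.

```python
import hashlib, hmac, json, secrets

LICENSE_SERVER_KEY = secrets.token_bytes(32)  # assumed signing key of License Server 118

class Server:
    """Server 104: web server 108, Acquired Rights DB 110, application server 114,
    Evaluation Logic 116 and License Server 118 in one object (simplification)."""
    def __init__(self):
        self.acquired_rights = {}  # token -> transaction record (database 110)

    def purchase(self, user, content_id, rights):  # steps 1-3
        token = secrets.token_hex(16)
        self.acquired_rights[token] = {"user": user, "content": content_id, "rights": rights}
        return token

    def handle_challenge(self, challenge):  # steps 5-11
        try:  # step 6: parse and validate the shape of the challenge
            msg = json.loads(challenge)
            token, content_id, device = msg["token"], msg["content"], msg["device"]
        except (ValueError, KeyError, TypeError):
            return None
        # Step 7: the request must match a recorded transaction for this content.
        record = self.acquired_rights.get(token)
        if record is None or record["content"] != content_id:
            return None
        # Steps 8-9: build a custom license bound to the requesting device.
        body = json.dumps({"content": content_id, "device": device,
                           "rights": record["rights"]}, sort_keys=True)
        sig = hmac.new(LICENSE_SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()
        return {"body": body, "sig": sig}  # steps 10-11: returned to the client

class Client:
    def __init__(self, device_id):
        self.device_id = device_id
        self.license_db = {}  # stands in for protected license database 120

    def acquire(self, server, token, content_id):  # steps 4, 5 and 12
        challenge = json.dumps({"token": token, "content": content_id,
                                "device": self.device_id})
        lic = server.handle_challenge(challenge)
        if lic is not None:
            self.license_db[content_id] = lic
        return lic is not None

def verify_license(lic, device_id):
    """License evaluation: the signature must be intact and the license must name this device."""
    expected = hmac.new(LICENSE_SERVER_KEY, lic["body"].encode(), hashlib.sha256).hexdigest()
    return (hmac.compare_digest(expected, lic["sig"])
            and json.loads(lic["body"])["device"] == device_id)
```

A challenge carrying a token with no matching transaction record, or naming content other than what was purchased, is refused at step 7 and no license reaches the client's database.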
Operations performed during a DRM operation may include:
    Utilization of proprietary protocols (usually unpublished)
    Client Side License Request
    License Logic
    Server Side License Production
    Encrypted Media Transmission
    License Persistence Management
    License Evaluation
    License Revocation
These operations are usually confidential and proprietary to each DRM manufacturer, but common functions include the retrieval of cryptographic keys and the subsequent decryption of content. In turn, this requires mechanisms for secure storage of cryptographic keys, secure communication of keys (e.g. secure busses), the use of platform serial numbers, and secure decoding of content and Chip ID requests.
Other operations used include binding the encryption key to the user's machine, the use of Web Based License Servers, in which a server provides an access key, and the use of Watermarks and Broadcast Flags, where data is embedded in content. For example, it is not permitted in the USA for a DVD recorder to record content if the embedded broadcast flag (BF) is set.
FIG. 2 shows an example of a web based license server. Referring to FIG. 2, a set top box (STB) 202, such as an Internet Protocol (IP) STB, communicates with a remote license server 204 using a single proprietary DRM system to obtain an access key to be used in decoding or decrypting content.
A number of business models are associated with the use of DRM systems. For example, in the case of Satellite and cable content providers, the content provider selects a Conditional Access (CA)/DRM technology and specifies CA/DRM for the STBs in their network. In addition, the content provider owns the STB and supplies the STB to their customer. In the case of IPTV, the content providers select a DRM system to satisfy their content owners and utilize Internet Protocol (IP) streaming technology to deliver the content to the user. The rendering device is a personal computer, STB, or a portable digital device (mobile phone, PDA, etc.).
In these business models only one type of CA/DRM system is needed on the STB; however, the STB is limited in the type of content that it can display.
Skilled artisans will appreciate that elements in the figures are illustrated for simplicity and clarity and have not necessarily been drawn to scale.